Update Function ES_CREATE_USER_PROFILE
This commit is contained in:
@@ -1 +1,201 @@
|
||||
牄禗袬蒨@\蚕謨@^@
|
||||
SET PATH *LIBL ;
|
||||
|
||||
CREATE OR REPLACE FUNCTION SAILPOINT.ES_CREATE_USER_PROFILE (
|
||||
AUTHORIZATIONNAME VARCHAR(10) ,
|
||||
TEXTDESCRIPTION VARCHAR(50) DEFAULT NULL ,
|
||||
USERCLASSNAME VARCHAR(10) DEFAULT NULL ,
|
||||
STATUS VARCHAR(10) DEFAULT NULL ,
|
||||
SETPASSWORDTOEXPIRE VARCHAR(10) DEFAULT NULL ,
|
||||
USEROWNER VARCHAR(10) DEFAULT NULL ,
|
||||
GROUPPROFILENAME VARCHAR(10) DEFAULT NULL ,
|
||||
ACCOUNTINGCODE VARCHAR(20) DEFAULT NULL ,
|
||||
JOBDESCRIPTIONNAME VARCHAR(10) DEFAULT NULL ,
|
||||
OUTPUTQUEUENAME VARCHAR(21) DEFAULT NULL ,
|
||||
MESSAGEQUEUENAME VARCHAR(21) DEFAULT NULL ,
|
||||
LIMITCAPABILITIES VARCHAR(10) DEFAULT NULL ,
|
||||
SPECIALAUTHORITIESJSON VARCHAR(1024) DEFAULT NULL )
|
||||
RETURNS CLOB(2147483647)
|
||||
LANGUAGE SQL
|
||||
SPECIFIC SAILPOINT.ESICRTUSR
|
||||
NOT DETERMINISTIC
|
||||
MODIFIES SQL DATA
|
||||
CALLED ON NULL INPUT
|
||||
NOT FENCED
|
||||
SET OPTION ALWBLK = *ALLREAD ,
|
||||
ALWCPYDTA = *OPTIMIZE ,
|
||||
COMMIT = *NONE ,
|
||||
DBGVIEW = *SOURCE ,
|
||||
DECRESULT = (31, 31, 00) ,
|
||||
DYNDFTCOL = *NO ,
|
||||
DYNUSRPRF = *OWNER ,
|
||||
SRTSEQ = *HEX
|
||||
BEGIN
|
||||
--
|
||||
--
|
||||
--
|
||||
--
|
||||
--ermentant variable;
|
||||
DECLARE SPECIALAUTHS VARCHAR ( 1000 ) ;
|
||||
DECLARE V_MESSAGE_ID VARCHAR ( 10 ) ;
|
||||
DECLARE V_MESSAGE_TEXT VARCHAR ( 2048 ) ;
|
||||
DECLARE V_STATUS VARCHAR ( 20 ) ;
|
||||
DECLARE CONTINUE HANDLER FOR SQLEXCEPTION
|
||||
BEGIN
|
||||
DECLARE V_SQLSTATE CHAR ( 5 ) ;
|
||||
DECLARE V_DB2_RETURN_CODE INT ;
|
||||
DECLARE V_DB2_MESSAGE_ID CHAR ( 7 ) ;
|
||||
DECLARE V_ERROR_MESSAGE CLOB ( 2048 ) ;
|
||||
-- Capture diagnostic info
|
||||
GET DIAGNOSTICS CONDITION 1
|
||||
V_DB2_RETURN_CODE = DB2_RETURNED_SQLCODE ,
|
||||
V_SQLSTATE = RETURNED_SQLSTATE ,
|
||||
V_ERROR_MESSAGE = MESSAGE_TEXT ,
|
||||
V_DB2_MESSAGE_ID = DB2_MESSAGE_ID ;
|
||||
RETURN
|
||||
(
|
||||
VALUES JSON_OBJECT (
|
||||
'success' VALUE 'false' , 'SQLInfo' VALUE JSON_OBJECT (
|
||||
'SQLState' VALUE V_SQLSTATE ,
|
||||
'SQLCode' VALUE V_DB2_RETURN_CODE ,
|
||||
'messageID' VALUE V_DB2_MESSAGE_ID ,
|
||||
'message' VALUE V_ERROR_MESSAGE ,
|
||||
'currentTimestamp' VALUE CURRENT_TIMESTAMP
|
||||
)
|
||||
) ) ;
|
||||
END ;
|
||||
-- Convert JSON string into space separated list
|
||||
IF SPECIALAUTHORITIESJSON IS NOT NULL THEN
|
||||
SET SPECIALAUTHS = (
|
||||
SELECT LISTAGG ( TRIM ( FRAGMENT ) , ' ' )
|
||||
FROM TABLE (
|
||||
CISTOOLS . SPLIT_STRING (
|
||||
REGEXP_REPLACE (
|
||||
CAST (
|
||||
SPECIALAUTHORITIESJSON AS VARCHAR ( 1000 )
|
||||
CCSID 37 ) , '[\[|\]|\{|\}|\"|\,|\s+]' ,
|
||||
' ' ) , ' ' )
|
||||
)
|
||||
WHERE FRAGMENT <> ''
|
||||
AND FRAGMENT IS NOT NULL ) ;
|
||||
END IF ;
|
||||
-- Build the command
|
||||
SET CISTOOLS . SQL_STATEMENT = 'CRTUSRPRF USRPRF(' || AUTHORIZATIONNAME
|
||||
|| ')' ;
|
||||
IF TEXTDESCRIPTION IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' TEXT(' ||
|
||||
CISTOOLS . GET_QUOTED ( TEXTDESCRIPTION ) || ')' ;
|
||||
END IF ;
|
||||
IF USERCLASSNAME IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' USRCLS('
|
||||
|| USERCLASSNAME || ')' ;
|
||||
END IF ;
|
||||
IF STATUS IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' STATUS('
|
||||
|| STATUS || ')' ;
|
||||
END IF ;
|
||||
IF SETPASSWORDTOEXPIRE IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' PWDEXP('
|
||||
|| SETPASSWORDTOEXPIRE || ')' ;
|
||||
END IF ;
|
||||
IF USEROWNER IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OWNER(' ||
|
||||
USEROWNER || ')' ;
|
||||
END IF ;
|
||||
IF GROUPPROFILENAME IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' GRPPRF('
|
||||
|| GROUPPROFILENAME || ')' ;
|
||||
END IF ;
|
||||
IF ACCOUNTINGCODE IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' ACGCDE('
|
||||
|| ACCOUNTINGCODE || ')' ;
|
||||
END IF ;
|
||||
IF JOBDESCRIPTIONNAME IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' JOBD(' ||
|
||||
JOBDESCRIPTIONNAME || ')' ;
|
||||
END IF ;
|
||||
IF OUTPUTQUEUENAME IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OUTQ(' ||
|
||||
OUTPUTQUEUENAME || ')' ;
|
||||
END IF ;
|
||||
IF MESSAGEQUEUENAME IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' MSGQ(' ||
|
||||
MESSAGEQUEUENAME || ')' ;
|
||||
END IF ;
|
||||
IF LIMITCAPABILITIES IS NOT NULL THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' LMTCPB('
|
||||
|| LIMITCAPABILITIES || ')' ;
|
||||
ELSE
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT ||
|
||||
' LMTCPB(*YES)' ;
|
||||
END IF ;
|
||||
IF SPECIALAUTHS IS NOT NULL
|
||||
AND LENGTH ( TRIM ( SPECIALAUTHS ) ) > 0 THEN
|
||||
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' SPCAUT('
|
||||
|| SPECIALAUTHS || ')' ;
|
||||
END IF ;
|
||||
CALL CISTOOLS . SYSTEM ( CISTOOLS . SQL_STATEMENT ) ;
|
||||
-- Return JSON with specialAuthorities as array
|
||||
RETURN
|
||||
COALESCE (
|
||||
JSON_OBJECT (
|
||||
'success' : 'true' ,
|
||||
'data' VALUE (
|
||||
SELECT JSON_OBJECT (
|
||||
'authorizationName' VALUE CAST (
|
||||
AUTHORIZATION_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'tempPassword' VALUE CAST (
|
||||
AUTHORIZATION_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'textDescription' VALUE CAST (
|
||||
TEXT_DESCRIPTION AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'userClassName' VALUE CAST (
|
||||
USER_CLASS_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'status' VALUE CAST (
|
||||
STATUS AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'userOwner' VALUE CAST (
|
||||
USER_OWNER AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'groupProfileName' VALUE CAST (
|
||||
GROUP_PROFILE_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'accountingCode' VALUE CAST (
|
||||
ACCOUNTING_CODE AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'homeDirectory' VALUE CAST (
|
||||
HOME_DIRECTORY AS VARCHAR ( 256 ) CCSID 37 ) ,
|
||||
'limitCapabilities' VALUE CAST (
|
||||
LIMIT_CAPABILITIES AS VARCHAR ( 528 ) CCSID 37 ) ,
|
||||
'specialAuthorities' VALUE (
|
||||
SELECT JSON_ARRAYAGG (
|
||||
TRIM ( FRAGMENT )
|
||||
)
|
||||
FROM TABLE (
|
||||
CISTOOLS . SPLIT_STRING (
|
||||
TRIM (
|
||||
CAST (
|
||||
A . SPECIAL_AUTHORITIES AS
|
||||
VARCHAR ( 528 ) CCSID 37 ) ) , ' ' )
|
||||
)
|
||||
WHERE TRIM ( FRAGMENT ) <> '' ) ,
|
||||
'creationTimestamp' VALUE CREATION_TIMESTAMP
|
||||
)
|
||||
FROM QSYS2 . USER_INFO A
|
||||
WHERE AUTHORIZATION_NAME = UPPER ( AUTHORIZATIONNAME ) )
|
||||
FORMAT JSON
|
||||
) , JSON_OBJECT (
|
||||
'success' : 'false' , 'SQLInfo' VALUE JSON_OBJECT (
|
||||
'messageID' VALUE 'SQL02000' ,
|
||||
'message' VALUE 'Requested resouce not found ' ,
|
||||
'currentTimestamp' VALUE CURRENT_TIMESTAMP
|
||||
)
|
||||
) ) ;
|
||||
END ;
|
||||
|
||||
GRANT ALTER , EXECUTE
|
||||
ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
|
||||
TO AMAPICS WITH GRANT OPTION ;
|
||||
|
||||
GRANT EXECUTE
|
||||
ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
|
||||
TO PUBLIC ;
|
||||
|
||||
GRANT ALTER , EXECUTE
|
||||
ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
|
||||
TO QSECOFR WITH GRANT OPTION ;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user